Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/9M0AiS47Pz0Y4H4nEhLyH7lIBxg.roa
File: 9M0AiS47Pz0Y4H4nEhLyH7lIBxg.roa (raw, json)
Hash identifier: JI2RcSzbSUEoNleuGE0SZtfxa4artCslIYmqUbSMEgk=
Subject key identifier: F4:CD:00:89:2E:3B:3F:3D:18:E0:7E:27:12:12:F2:1F:B9:48:07:18
Certificate issuer: /CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Certificate serial: 018D1D7BD72A2FE7308F514E841C129E89F1
Authority key identifier: FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/9M0AiS47Pz0Y4H4nEhLyH7lIBxg.roa
Signing time: Thu 18 Jan 2024 16:51:11 +0000
ROA not before: Thu 18 Jan 2024 16:51:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 185.231.221.0/24 maxlen: 24
185.231.222.0/24 maxlen: 24
185.240.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:7b:d7:2a:2f:e7:30:8f:51:4e:84:1c:12:9e:89:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Validity
Not Before: Jan 18 16:51:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4cd00892e3b3f3d18e07e271212f21fb9480718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:52:3e:79:54:28:10:08:a3:71:c6:c2:0f:19:
8e:00:24:c1:47:61:7b:1c:14:f8:06:33:29:2e:c6:
9b:62:63:e9:68:1d:53:5d:6d:0e:7b:54:6c:56:75:
ed:5c:cc:8e:9b:f8:35:43:ce:81:dd:ca:94:4d:7a:
ed:ba:00:b7:f9:59:87:bd:db:f7:f5:90:08:07:c2:
dc:3b:eb:ab:e1:4c:b8:42:eb:3e:6b:98:6a:92:40:
95:2c:13:9b:f4:dc:3b:16:a5:df:7f:b5:c6:5c:21:
df:f2:8d:86:5a:61:8e:15:8b:fa:34:e4:12:7d:c9:
18:10:54:30:8c:7d:32:1b:c6:ad:8d:2d:5c:0d:f5:
0a:8f:2f:0d:a9:7b:6d:e4:57:6c:47:31:30:ac:7a:
0c:5d:e2:e6:aa:3c:43:87:63:a6:fa:80:5a:36:5e:
6c:87:f2:c1:11:41:53:df:2b:24:78:b2:10:f5:39:
c6:15:73:1f:5e:3b:98:0b:1a:1e:b0:36:a4:c7:b7:
01:e7:b0:72:14:f4:fd:5d:4b:b5:cd:4a:fe:0e:15:
87:85:31:77:80:e9:5c:7d:c1:ad:a8:86:10:6b:53:
1e:ec:e0:6c:23:16:90:93:dd:34:d7:19:2c:9c:e2:
4d:3c:4b:66:45:76:b3:fa:9b:b3:ef:26:49:7e:a0:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CD:00:89:2E:3B:3F:3D:18:E0:7E:27:12:12:F2:1F:B9:48:07:18
X509v3 Authority Key Identifier:
keyid:FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/9M0AiS47Pz0Y4H4nEhLyH7lIBxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.221.0-185.231.222.255
185.240.160.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:c7:d3:c2:d3:38:98:de:fd:76:ec:e7:ca:4f:e3:aa:69:46:
88:a8:0c:4a:17:86:52:23:7e:b9:a3:09:cd:a8:d6:9f:57:98:
97:a0:00:d1:06:c4:84:83:93:bd:a8:19:0b:87:1a:62:62:58:
77:c7:00:a9:a7:55:d0:51:5c:b0:84:4a:f2:42:55:73:42:0e:
75:41:3f:a9:54:e1:12:d1:57:3c:dc:21:f0:22:42:02:cd:23:
04:12:79:0b:df:7c:ed:93:02:93:cc:a8:6f:80:df:77:45:26:
77:19:64:de:c2:a2:37:69:16:40:4d:75:cd:da:7c:02:34:29:
f6:55:f1:9c:f7:9c:ef:83:82:2e:66:6b:a2:c4:bf:f6:3a:93:
aa:df:70:0b:fb:aa:64:df:e1:13:5d:aa:53:fb:03:d5:41:7a:
52:b6:1e:02:21:6f:cb:b7:cc:78:e5:ec:49:a1:73:3b:9b:11:
75:27:a6:e7:08:e2:be:f1:f7:10:c1:c8:2f:90:96:1d:ba:29:
13:ab:3b:58:33:6b:cc:4b:ec:4b:1e:12:43:9e:e4:dc:36:e2:
d1:c4:92:e3:65:f1:5b:d3:79:95:06:1b:19:05:f6:8d:a0:e4:
2d:f9:0d:9a:a7:d0:46:93:39:5e:58:1c:45:56:77:a8:12:ea:
5b:bc:6d:e6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY0de9cqL+cwj1FOhBwSnonxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMmU3MmFiZjdiMTcyOGZkYTZhYTBiMDQxM2Q4ODU0ODEy
ZWEzNjEwHhcNMjQwMTE4MTY1MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGNkMDA4OTJlM2IzZjNkMThlMDdlMjcxMjEyZjIxZmI5NDgwNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFI+eVQoEAijccbCDxmOACTBR2F7
HBT4BjMpLsabYmPpaB1TXW0Oe1RsVnXtXMyOm/g1Q86B3cqUTXrtugC3+VmHvdv3
9ZAIB8LcO+ur4Uy4Qus+a5hqkkCVLBOb9Nw7FqXff7XGXCHf8o2GWmGOFYv6NOQS
fckYEFQwjH0yG8atjS1cDfUKjy8NqXtt5FdsRzEwrHoMXeLmqjxDh2Om+oBaNl5s
h/LBEUFT3yskeLIQ9TnGFXMfXjuYCxoesDakx7cB57ByFPT9XUu1zUr+DhWHhTF3
gOlcfcGtqIYQa1Me7OBsIxaQk9001xksnOJNPEtmRXaz+puz7yZJfqBfJwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPTNAIkuOz89GOB+JxIS8h+5SAcYMB8GA1UdIwQY
MBaAFPoucqv3sXKP2mqgsEE9iFSBLqNhMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pNXlxX2V4Y29fYWFxQ3dRVDJJVklFdW8yRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlm
LWEzNjZkYTI1MWE4My8xLzlNMEFpUzQ3UHowWTRING5FaEx5SDdsSUJ4Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlmLWEzNjZkYTI1MWE4
My8xLzEtaTV5cV9leGNvX2FhcUN3UVQySVZJRXVvMkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEALnn
3QMEALnn3gMEALnwoDANBgkqhkiG9w0BAQsFAAOCAQEAucfTwtM4mN79duznyk/j
qmlGiKgMSheGUiN+uaMJzajWn1eYl6AA0QbEhIOTvagZC4caYmJYd8cAqadV0FFc
sIRK8kJVc0IOdUE/qVThEtFXPNwh8CJCAs0jBBJ5C9987ZMCk8yob4Dfd0Umdxlk
3sKiN2kWQE11zdp8AjQp9lXxnPec74OCLmZrosS/9jqTqt9wC/uqZN/hE12qU/sD
1UF6UrYeAiFvy7fMeOXsSaFzO5sRdSem5wjivvH3EMHIL5CWHbopE6s7WDNrzEvs
Sx4SQ57k3Dbi0cSS42XxW9N5lQYbGQX2jaDkLfkNmqfQRpM5XlgcRVZ3qBLqW7xt
5g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:31:42 2024 by rpki-client on console-ams.rpki-client.org